Adidas have suffered a security breach that may have put some of its customers’ data at risk. The company said that an “unauthorized party” said it had gained access to customer data on Adidas’ US website. Currently, it believes only customers who shopped on and purchased items from the US version of Adidas.com may have been affected by the breach. IT security experts commented below.
Javvad Malik, Security Advocate at AlienVault:
Secondly, without having monitoring controls in place, a company cannot say with certainty whether the claim of a breach is true or not. This leads to any malicious party being able to claim that they have breached a company, even if they haven’t, leading to unnecessary activity needing to be undertaken by the company and its customers, not to mention the potential lack of trust this creates.”
David Ross, VP of Research at SecureAuth + Core Security:
“Customers who have shared contact information including addresses, email addresses, and login information, should immediately reset passwords on other accounts where they may have reused the same password. They should also be vigilant to help mitigate the potential effects of identity theft.
“With 81 percent of data breaches attributed to attackers walking through the front door with stolen credentials, breaches where login information is stolen can have an equal negative impact on businesses as they do on consumers. Retailers should employ identity and access management solutions that provides the strongest protection while balancing a frictionless user experience.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.